Tagging in a storage device

ABSTRACT

In an embodiment, a command issued by an entity may be acquired by a controller contained in a storage device. The command may be issued by the entity to access a block in the storage device. The entity may be associated with a tag that may identify the entity. The tag may be associated with the block. Information about the association between the tag and the block may be stored in the storage device.

BACKGROUND

A computing device may use one or more storage systems to storeinformation. The information may include, for example, data and/orexecutable instructions. The storage systems may include a primarystorage and a secondary storage. A primary storage may be a storage thatis directly accessible to a processor that may be contained in thecomputing device. The processor may access the primary storage via amemory bus that may contain provisions for transferring informationbetween the processor and the primary storage. A secondary storage maybe a storage that may not be directly accessible to the processor. Here,information may be transferred between the processor and the secondarystorage via one or more input/output (I/O) channels that may be part ofan I/O bus.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute apart of this specification, illustrate one or more embodiments describedherein and, together with the description, explain these embodiments. Inthe drawings:

FIG. 1 illustrates a block diagram of an example embodiment of acomputing device;

FIG. 2 illustrates an example embodiment of a storage device;

FIG. 3 illustrates an example layout of a non-volatile memory devicethat may be contained in a storage device;

FIG. 4 illustrates an example embodiment of a tag that may be associatedwith one or more blocks contained in a storage device;

FIG. 5 illustrates examples of tags that may be associated with one ormore blocks contained in a storage device;

FIG. 6 illustrates a flow chart of example acts that may be used tostore information in a storage device;

FIG. 7 illustrates a flow diagram of example acts that may be used toacquire information that is stored in a storage device; and

FIG. 8 illustrates a flow diagram of example acts that may be used toerase information that is stored in a storage device.

DETAILED DESCRIPTION

The following detailed description refers to the accompanying drawings.The same reference numbers in different drawings may identify the sameor similar elements. Also, the following detailed description does notlimit the invention.

A computing device may include a non-volatile storage device that thecomputing device may use to store information (e.g., data) that is tosurvive after power is lost to the computing device. For example, acomputing device, such as a smart phone, tablet, or ultrabook, maycontain a processor and a solid-state disk (SSD). The SSD may provide anon-volatile storage for storing information used by the computingdevice. The information may include, for example, data and/orapplications that may be used by the computing device. By storing theinformation in the SSD, the information may be persisted such that theinformation may be retained after power is lost to the computing device.The processor may retrieve the persisted information from the SSD afterpower is restored to the computing device.

A non-volatile storage device, such as an SSD, may store information inphysical blocks that may be contained in the non-volatile storagedevice. A processor associated with a computing device may access theinformation using a logical block address (LBA). The LBA may be anaddress of a logical block. The LBA may map to a physical block address(PBA) contained in the non-volatile storage device. The PBA may be anaddress that may be associated with a physical block that may becontained in the non-volatile storage device. A physical block in anon-volatile storage device may also be referred to as a physical pagein the non-volatile storage device.

The non-volatile storage device may maintain a logical-to-physical (L2P)table, which the non-volatile storage device may use to translate LBAsto PBAs. The L2P table may be part of a context that may be maintainedby the non-volatile storage device.

For example, suppose a computing device includes a processor and anon-volatile storage device. The processor may issue a command to readinformation in the non-volatile storage device. The processor mayspecify the location of the information in the command using an LBA. Thenon-volatile storage device may acquire (e.g., receive, read) thecommand and identify the physical location of the information bytranslating the LBA to a PBA using an L2P table that may be managed bythe non-volatile storage device. Suppose the PBA points to a particularphysical block contained in a non-volatile store in the non-volatilestorage device. The non-volatile storage device may read informationstored in the physical block and return the information to theprocessor.

FIG. 1 illustrates a block diagram of an example embodiment of acomputing device 100. Referring to FIG. 1, computing device 100 mayinclude various components such as, for example, processing logic 120,primary storage 130, secondary storage 150, one or more input devices160, one or more output devices 170, and one or more communicationinterfaces 180.

It should be noted that FIG. 1 illustrates an example embodiment ofcomputing device 100. Other embodiments of computing device 100 mayinclude more components or fewer components than the componentsillustrated in FIG. 1. The components may be arranged differently thanas illustrated in FIG. 1.

For example, in an embodiment of computing device 100, secondary storage150 may be contained at a remote site that provides “cloud” storage. Thesite may be accessible to computing device 100 via a communicationsnetwork, such as, for example, the Internet. A communication interface180 may be used to interface the computing device 100 with thecommunications network.

Also, it should be noted that functions performed by various componentscontained in other embodiments of computing device 100 may bedistributed among the components differently than as described herein.

Computing device 100 may include an input/output (I/O) bus 110 that maybe used to communicate information between components in computingdevice 100. The information may include, for example, control signalsand/or data. Examples of I/O buses that may be used to implement I/O bus110 may include serial AT attachment (SATA), peripheral componentinterconnect (PCI), PCI express (PCI-e), universal serial bus (USB),small computer system interface (SCSI), serial attached SCSI (SAS), orsome other I/O bus.

Computing device 100 may include a memory bus 190 that may enableinformation, which may be stored in primary storage 130, to betransferred between processing logic 120 and primary storage 130. Theinformation may include computer-executable instructions and/or datathat may be executed, manipulated, and/or otherwise processed byprocessing logic 120.

Processing logic 120 may include logic for interpreting, executing,and/or otherwise processing information. The information may be storedin, for example, primary storage 130 and/or secondary storage 150. Inaddition, the information may be acquired by one or more input devices160 and/or communication interfaces 180.

Processing logic 120 may include a variety of heterogeneous hardware.For example, the hardware may include some combination of one or moreprocessors, microprocessors, field programmable gate arrays (FPGAs),application specific instruction set processors (ASIPs), applicationspecific integrated circuits (ASICs), complex programmable logic devices(CPLDs), graphics processing units (GPUs), and/or other types ofprocessing logic that may, for example, interpret, execute, manipulate,and/or otherwise process the information. Processing logic 120 maycomprise a single core or multiple cores. An example of a processor thatmay be used to implement processing logic 120 is the Intel® Xeon®processor available from Intel Corporation, Santa Clara, Calif.

Input devices 160 may include one or more input devices that may be usedto input information into computing device 100. The input devices mayinclude, for example, a keyboard, computer mouse, microphone, camera,trackball, gyroscopic device (e.g., gyroscope), mini-mouse, touch pad,stylus, graphics tablet, touch screen, joystick (isotonic or isometric),pointing stick, accelerometer, palm mouse, foot mouse, puck, eyeballcontrolled device, finger mouse, light pen, light gun, neural device,eye tracking device, steering wheel, yoke, jog dial, space ball,directional pad, dance pad, soap mouse, haptic device, tactile device,neural device, multipoint input device, discrete pointing device, and/orsome other input device. The information may include spatial (e.g.,continuous, multi-dimensional) data that may be input into computingdevice 100 using, for example, a pointing device, such as a computermouse. The information may also include other forms of data, such as,for example, text that may be input using a keyboard.

Output devices 170 may include one or more output devices that mayoutput information from computing device 100. The output devices mayinclude, for example, a cathode ray tube (CRT), plasma display device,light-emitting diode (LED) display device, liquid crystal display (LCD)device, vacuum florescent display (VFD) device, surface-conductionelectron-emitter display (SED) device, field emission display (FED)device, haptic device, tactile device, printer, speaker, videoprojector, volumetric display device, plotter, touch screen, and/or someother output device. Output devices 170 may be directed by, for example,processing logic 120, to output the information from computing device100. Outputting the information may include presenting (e.g.,displaying, printing) the information on an output device 170. Theinformation may include, for example, text, graphical user interface(GUI) elements (e.g., windows, widgets, and/or other GUI elements),audio (e.g., music, sounds), and/or other information that may beoutputted by output devices 170.

Communication interfaces 180 may include logic for interfacing computingdevice 100 with, for example, one or more communications networks andenable computing device 100 to communicate with one or more entities(e.g., nodes) coupled to the communications networks. The communicationsnetworks may include, for example, the Internet, wide-area networks(WANs), local area networks (LANs), 3G and/or 4G networks. Communicationinterfaces 180 may include one or more transceiver-like mechanisms thatmay enable computing device 100 to communicate with entities coupled tothe communications networks. Examples of communication interfaces 180may include a built-in network adapter, network interface card (NIC),Personal Computer Memory Card International Association (PCMCIA) networkcard, card bus network adapter, wireless network adapter, UniversalSerial Bus (USB) network adapter, modem, and/or other device suitablefor interfacing computing device 100 to a communications network.

Primary storage 130 and secondary storage 150 may include one or memorydevices. A memory device may support, for example, serial or randomaccess to information contained in the memory device. A memory devicethat supports serial access to information stored in the memory devicemay be referred to as a serial memory device. A memory device thatsupports random access to information stored in the memory device may bereferred to as a random access memory (RAM) device.

A memory device may be, for example, volatile or non-volatile. Avolatile memory device may be a memory device that may lose informationstored in the device when power is removed from the device. Anon-volatile memory device may be a memory device that may retaininformation stored in the device when power is removed from the device.Examples of memory devices may include dynamic RAM (DRAM) devices, flashmemory devices, static RAM (SRAM) devices, zero-capacitor RAM (ZRAM)devices, twin transistor RAM (TTRAM) devices, read-only memory (ROM)devices, ferroelectric transistor RAM (FeTRAM) devices,magneto-resistive RAM (MRAM) devices, phase change memory (PCM) devices,PCM and switch (PCMS) devices, nanowire-based devices, resistive RAMdevices (RRAM), serial electrically erasable programmable ROM (SEEPROM)devices, serial flash devices, and/or other types of memory devices.

Primary storage 130 may be accessible to processing logic 120 via memorybus 190. Primary storage 130 may include a non-transitory tangiblecomputer readable medium that may store information for processing logic120. The information may include, for example, computer-executableinstructions and/or data that may implement operating system (OS) 132and application (APP) 136. The computer-executable instructions may beexecuted, interpreted, and/or otherwise processed by processing logic120. The computer-executable instructions and/or data may includecomputer-executable instructions and/or data that may implement one ormore embodiments of the invention.

Primary storage 130 may be implemented using one or more memory devicesthat may store information for processing logic 120. The memory devicesmay include volatile and/or non-volatile memory devices.

OS 132 may be a conventional operating system that may implement variousconventional operating system functions. The functions may include, forexample, (1) scheduling one or more portions of APP 136 to run on (e.g.,be executed by) processing logic 120, (2) managing primary storage 130,and/or (3) controlling access to various components in computing device100 (e.g., input devices 160, output devices 170, communicationinterfaces 180, secondary storage 150) and information received and/ortransmitted by these components.

Examples of operating systems that may be used to implement OS 132 mayinclude the Linux operating system, Microsoft Windows operating system,the Symbian operating system, Mac OS operating system, and the Androidoperating system. A distribution of the Linux operating system that maybe used is Red Hat Linux available from Red Hat Corporation, Raleigh,N.C. Versions of the Microsoft Windows operating system that may be usedinclude Microsoft Windows Mobile, Microsoft Windows 8, Microsoft Windows7, Microsoft Windows Vista, and Microsoft Windows XP operating systemsavailable from Microsoft Inc., Redmond, Wash. The Symbian operatingsystem is available from Accenture PLC, Dublin, Ireland. The Mac OSoperating system is available from Apple, Inc., Cupertino, Calif. TheAndroid operating system is available from Google, Inc., Menlo Park,Calif.

OS 132 may include one or more drivers 134. The drivers 134 may providean interface between OS 132 and/or APP 136, and one or more devices thatmay be associated with components in computing device 100. Thesecomponents may include, for example, input devices 160, output devices170, communication interfaces 180, and/or secondary storage 150.

For example, a driver 134 may provide an interface between OS 132 and/orAPP 136 and storage device 200. The driver 134 may contain provisionsthat enable the OS 132 and/or APP 136 to communicate with the storagedevice 200. Communication here may include, for example, writinginformation to storage device 200, reading information from storagedevice 200, acquiring a status of storage device 200, and so on.

APP 136 may be a software application that may execute under control ofOS 132 on computing device 100. APP 136 and/or OS 132 may containprovisions for processing transactions that may involve writing and/orreading information in a storage device 200 in secondary storage 150.These provisions may be implemented using data and/orcomputer-executable instructions contained in APP 136 and/or OS 132.

Secondary storage 150 may include a storage device 200. The storagedevice 200 may be accessible to processing logic 120 via I/O bus 110.The storage device 200 may store information (e.g., data,computer-executable instructions). The information may be executed,interpreted, manipulated, and/or otherwise processed by processing logic120. The information may include computer-executable instructions and/ordata that may implement one or more embodiments of the invention.

Storage device 200 may include volatile or non-volatile storage forstoring the information. Examples of devices that may be used toimplement storage device 200 may include one or more magnetic diskdrives, optical disk drives, RAM drives, flash drives, SSDs, hybriddrives, and/or other storage devices. The information may be stored onone or more non-transitory tangible computer-readable media contained inthe storage devices. Examples of non-transitory tangiblecomputer-readable media that may be contained in the storage devices mayinclude magnetic discs, optical discs, volatile memory devices, and/ornon-volatile memory devices.

FIG. 2 illustrates an example embodiment of storage device 200.Referring to FIG. 2, storage device 200 may include controller 220 and anon-volatile storage 240. The controller 220 may include deviceprocessing logic 222 and a local storage 224. The non-volatile storage240 may include one or more non-volatile memory devices 300.

The device processing logic 222 may include processing logic that mayprocess information contained in local storage 224. The processing logicmay include some combination of one or more processors, microprocessors,FPGAs, ASIPs, ASICs, CPLDs, and/or other types of processing logic thatmay, for example, interpret, execute, manipulate, and/or otherwiseprocess the information. For example, the local storage 224 may storecomputer-executable instructions that may be executed by deviceprocessing logic 222 to write and/or read information in non-volatilestorage 240 and/or perform other functions and/or operations that may beassociated with storage device 200.

Local storage 224 may include a volatile and/or non-volatile storagethat may be used to store the information that may be processed bydevice processing logic 222. The information may include data and/orcomputer-executable instructions that may be associated with anoperation of storage device 200.

Storage device 200 may support logical blocks, which may be used tostore information in storage device 200. A logical block may beassociated with an LBA that may be used to identify the logical block.Information stored in a logical block may be accessed (e.g., read,written) by processing logic 120 (FIG. 1) using an LBA associated withthe logical block.

A logical block may be associated with a physical block that may becontained in non-volatile storage 240. The physical block may beassociated with a PBA that may be used to identify the physical block.The physical block may physically store information associated with thelogical block in the non-volatile storage 240.

Local storage 224 may include context 226, which may contain contextinformation that may be associated with storage device 200. The contextinformation may include, for example, an L2P table that may containinformation that may be used by device processing logic 222 to translatean LBA to a PBA.

For example, suppose processing logic 120 issues a command to readinformation in a logical block in storage device 200 that is associatedwith LBA “0”. Further suppose that an L2P table in context 226 containsan entry that indicates that LBA “0” corresponds to physical block “16”in non-volatile storage 240. Storage device 200 may acquire the commandand process it. Processing may include accessing the entry in the L2Ptable to identify that LBA “0” corresponds to physical block “16”. Thus,in response to the command issued by processing logic 120, storagedevice 200 may read the information stored at physical block “16” instorage device 200 and return the read information to processing logic120.

A tag may be associated with one or more blocks (e.g., logical blocks,physical blocks) that may be contained in a storage device, such asstorage device 200. The tag may include, for example, an identifier (ID)and other information (e.g., access privileges). As will be describedfurther below, the ID may be used to determine whether an entity (e.g.,a user, an application) is associated with the one or more logicalblocks. As will also be described further below, other information inthe tag may be used to, for example, (1) identify rights (e.g., accessrights) that the entity may have with respect to the one or more logicalblocks, (2) specify an encryption technique (scheme) for informationcontained in the one or more logical blocks, (3) associate keywords withinformation contained in the one or more logical blocks, (4) specify asecurity level associated with information contained in the one or morelogical blocks, and/or (5) describe a content of information containedin the one or more logical blocks.

Index 228 may, for example, contain information that may associate oneor more tags with one or more blocks in storage device 200. Index 228may be organized as a data structure (e.g., a table) that may containone or more entries that may be used to establish associations betweentags and blocks.

For example, suppose storage device 200 includes a first set of logicalblocks and a second set of logical blocks. Further, suppose a first tagis associated with the first set of logical blocks and a second tag isassociated with the second set of logical blocks. Index 228 may beorganized as a data structure having a first entry that may associatethe first tag with the first set of logical blocks and a second entrythat may associate the second tag with the second set of logical blocks.

The non-volatile storage 240 may provide storage for information storedon storage device 200. The storage may be non-volatile. The informationmay be provided, for example, by processing logic 120.

Non-volatile storage 240 may contain one or more non-volatile memorydevices 300 a-b that may be used to store the information. Examples ofdevices that may be used to implement a non-volatile memory device 300may include flash memory devices, PCM devices, PCMS devices, NAND memorydevices, or other non-volatile storage devices.

A non-volatile memory device 300 may store the information in physicalblocks contained in the non-volatile memory device 300. A physical blockmay be a minimum sized unit that may be written in the non-volatilememory device 300. A physical block may be fixed in size (e.g., 2048bytes). Physical blocks may be organized into erase blocks (EBs), wherean EB may include one or more physical blocks.

An EB may be a type of block that is associated with a group of one ormore physical blocks that may be erased as a group. For example, supposenon-volatile memory device 300 includes sixty-four physical blocks whichare divided into eight EBs where each EB includes eight differentphysical blocks. Erasing an EB may cause all eight physical blocksassociated with the EB to be erased.

FIG. 3 illustrates an example layout of non-volatile memory device 300.Referring to FIG. 3, non-volatile memory device 300 may include a die320. The die 320 may contain one or more EBs 330 wherein an EB 330 maycontain one or more physical blocks 340. The physical blocks may also bereferred to as physical pages. In the example layout illustrated in FIG.3, die 320 includes eight EBs (labeled “EB0” through “EB7”) andsixty-four physical blocks (numbered “0” through “63”). Further, an EB330 includes eight physical blocks. Thus, for example, EB 330 a includeseight physical blocks numbered “0” through “7”. Likewise, for example,EB 330 b includes eight physical blocks numbered “56” through “63”.

It should be noted that the layout illustrated in FIG. 3 is an examplelayout of an embodiment of non-volatile memory device 300. Otherembodiments of non-volatile memory device 300 may include other layouts.For example, other embodiments of non-volatile memory device 300 mayinclude more dies, EBs, and/or physical blocks, or fewer EBs and/orphysical blocks than what is illustrated in FIG. 3.

As noted above, a tag may be associated with one or more blockscontained in a storage device. The tag may include, for example, an IDand other information. The ID may identify an entity (e.g., anapplication, a user) associated with the one or more blocks. The otherinformation may include information that may describe a relationshipbetween the entity and the one or more blocks. For example, the otherinformation may include information about access rights that the entityhas to the one or more blocks. The other information may includeinformation that may be related to the contents of the one or moreblocks. For example, the other information may include key words thatmay be associated with a data that may be stored in the one or moreblocks.

FIG. 4 illustrates an example embodiment of a tag 400 that may beassociated with one or more blocks contained in a storage device.Referring to FIG. 4, the tag 400 may include an ID field 420 and another field 430. The ID field 420 may be used to hold an ID that mayidentify an entity (e.g., an application, a user) that may be associatedwith the one or more blocks. The other field 430 may include informationthat may describe a relationship between the entity and the one or moreblocks.

FIG. 5 illustrates example embodiments of tag 400. Referring to FIG. 5,block 520 illustrates an example embodiment of tag 400 that involvesmetadata. The metadata may include multiple entries where an entry mayinclude a name field and a content field. The name field may containinformation that describes the contents of the content field. Thecontent field may include content (e.g., data) associated with theentry. In block 520, line 522 may include information that may becontained in an ID field 420 of a tag 400. Lines 524 through 528 mayinclude information that may be contained in the other field 430 of thetag 400.

For example, suppose that tag 400 is associated with one or more blocksin storage device 200. Line 522 contains a name field that is set to thevalue “owner” and a content field that is set to the value “JDOE”. Here,the name field indicates that the content field contains an ownerassociated with the blocks in storage device 200. In this example, theowner is identified as “JDOE”.

Line 524 contains a name field that is set to “description” and acontent field that is set to “YEARLY SALES”. The name field may indicatethat the content field contains a description of information that may bestored in the blocks in storage device 200. In this example, the contentfield contains the value “YEARLY SALES”. Thus, the information stored inthe blocks may be related to, for example, yearly sales of anorganization.

Line 526 contains a name field that is set to “keywords” and a contentfield that is set to “FINANCE, ACCOUNTING, SPREADSHEET”. Here, the namefield may indicate that the content field contains keywords related tothe information stored in the blocks in storage device 200. The keywordsmay be used, for example, when searching for information contained inthe blocks.

Line 528 contains a name field that is set to “SecLevel” and a contentfield that is set to “RESTRICTED”. Here, the name field may indicatethat the content field contains a security level associated with theinformation stored in the blocks in storage device 200. The value of thecontent field (i.e., “RESTRICTED”) may indicate that the information maybe accessed, for example, only by entities (e.g., users, applications)that have privileges that enable them to access information at thatsecurity level.

Block 560 illustrates another example embodiment of tag 400 thatincludes “Username” and “Rights” information. In block 560, line 562illustrates an example format that may be used in this exampleembodiment. The format includes “Username” and “Rights” information. The“Username” information may be contained in the ID field 420 of the tag400 and the “Rights” information may be contained in the other field 430of the tag.

The “Username” information may include an ID that may be associated witha user. The “Rights” information may include privileges (e.g., accessprivileges) that may be, for example, afforded to the user. Theprivileges may include, for example, permission to read, write, modify,and/or delete information contained in one or more blocks associatedwith the tag 400.

Lines 564 and 566 illustrate examples of tags 400 that utilize theformat illustrated at line 562. Specifically, at line 562, a first tag400 may indicate that a user assigned the username “SYSTEM” may begranted privileges that may include read and write access (indicated by“R” and “W”, respectively) to blocks associated with the first tag 400.At line 566, a second tag 400 may indicate that a user assigned the username “JDOE” may be granted privileges that may include read, write,modify, and delete (indicated by “R”, “W”, “M”, and “D”, respectively)to blocks associated with the second tag 400.

A tag 400 may be stored in one or more blocks that may be associatedwith tag 400. The tag 400 may be read when processing requests to accessthe one or more blocks. The tag 400 may be used, for example, todetermine whether the requests should be allowed or denied.

For example, suppose a tag 400 and information (e.g., data) is stored ina physical block 340 associated with a logical block in storage device200. Further, suppose APP 136 issues a request to read the informationstored in the logical block. Controller 220 may receive the request andprocess it. Processing may include determining whether APP 136 hasprivileges to read the logical block.

Specifically, controller 220 may read the tag 400 from the physicalblock 340 associated with the logical block. Controller 220 may comparean ID associated with APP 136 to an ID contained in the tag 400 (e.g.,in the ID field 420). Controller 220 may determine whether the IDassociated with the APP 136 matches the ID contained in the tag 400.

Suppose the IDs match. Controller 220 may determine whether the requestshould be allowed based on the nature of the request and/or informationcontained in the tag 400. Suppose that the tag 400 indicates in itsother field 430 that entities associated with the ID may read theinformation stored in the logical block. The controller 220 maydetermine that the request is to be allowed based on this determination.Allowing the request may include the controller 220 reading theinformation stored in the block. The read information may be returned tothe APP 136.

It should be noted that the embodiments illustrated in blocks 520 and560 are example embodiments of tag 400 and that other embodiments of tag400 may include more information or less information than illustrated inblocks 520 and 560. For example, other embodiments of tag 400 mayinclude information about encryption methods that may be used to encryptinformation that may be contained in blocks associated with the tag 400and/or other information, such as whether a user particular user mayexecute information contained in the blocks.

An entity, such as an application, may issue a command to access (e.g.,read, write) a block in a storage device. The command may be acquired,for example, by a controller contained in the storage device. The entitymay be associated with a tag and information may be stored in thestorage device that associates the tag with the block. The informationmay be used to associate the entity with the block.

FIG. 6 illustrates a flowchart of example acts that may be used to storedata and a tag in a storage device. Referring to FIG. 6, at block 610, arequest may be issued to store the data in a block contained in thestorage device. The request may be, for example, a command that may beissued by an entity to write data to a block that may be contained inthe storage device.

At block 612, the request may be acquired. For example, the request maybe issued by an application that may be executing in a computing deviceunder control of an operating system. The operating system may acquirethe command from the application and transfer the command to a driverassociated with the storage device. The driver may acquire the commandfrom the operating system. The driver may forward the command to thestorage device, which may acquire the command at a controller containedin the storage device.

At block 614, a check may be performed to determine whether the entityis associated with a tag. The tag may include, for example, an ID andother information. The ID may identify the entity and the otherinformation may include information related to the data to be stored inthe block.

For example, the application may be associated with the tag. The tag maybe forwarded to the storage which may acquire the tag. The controller inthe storage device may acquire the tag and determine that theapplication is associated with a tag.

If it is determined that the entity is not associated with a tag, atblock 616 a default tag may be associated with the block. The defaulttag may be a predefined tag that may contain, for example, a default IDand information related to the default ID (e.g., default accessprivileges). If at block 614 it is determined that the entity isassociated with a tag, at block 618 the tag associated with the entitymay be associated with the block.

Information that associates the tag with the block may be maintained by(e.g., stored in) the storage device. For example, continuing the aboveexample, the controller may associate the tag with the block using anindex, such as index 228 (FIG. 2). Associating the tag with the blockmay include, for example, creating an entry in the index that associatesthe tag and with the block. The index may be stored in the storagedevice. In another example, information that associates the tag with theblock may be stored in the block.

Information that associates the tag with the block may contain, forexample, tag information and an address that may identify the block. Theaddress may include, for example, a physical block address or a logicalblock address that may be associated with the block.

At block 620, the data is stored in the block. The data may be stored inthe block by writing the data to the block.

For example, referring to FIGS. 1-4 and 6, suppose APP 136 generates arequest to write data to a logical block in storage device 200. Furthersuppose that the logical bock corresponds to physical block 340 and thatAPP 136 is associated with a tag 400. APP 136 may issue the request toOS 132. OS 132 may receive the request and transfer the request todriver 134. Driver 134 may receive the request and process it.Processing may include, for example, transferring the tag 400 and datato storage device 200 and directing storage device 200 to write the datain the storage device 200 at a location specified by the logical block.

Storage device 200 may receive the request, tag 400, and data from thedriver 134. Device processing logic 222 may identify a physical block innon-volatile storage 240 that corresponds to the logical block. Supposethat device processing logic 222 identifies that physical block 340corresponds to the logical block. Device processing logic 222 may writethe data to physical block 340. Device processing logic 222 may updateindex 228 to associate the tag 400 with physical block 340 and/or thelogical block.

Note that various processing may be performed based on informationcontained in a tag. For example, in the above example, tag 400 mayinclude an indication that the data is to be written to the storagedevice 200 in an encrypted form. Here, the tag 400 may specify anencryption technique that may be used to encrypt the data. Devicecontroller 220 may encrypt the data according to the technique and writethe encrypted data to physical block 340.

In another example, information contained in a tag may be used toestablish access rights associated with a logical block that is written.For example, suppose in the above example that the logical block isbeing written for the first time after being erased. The tag may containaccess rights information that may identify one or more entities thatmay access the block after the block is written. Moreover, the tag mayinclude information that may indicate a type of access (e.g., read,write, delete) that may be permitted.

FIG. 7 illustrates a flow diagram of example acts that may be used toacquire information that is stored in a storage device. Referring toFIG. 7, at block 710, an entity issues a request to read data from ablock in the storage device. At block 712, the request is acquired. Atblock 714, a check is performed to determine whether a tag is associatedwith the entity. If a tag is not associated with the entity, at block716, a default tag is associated with the entity.

At block 718, a check is performed to determine whether the tagassociated with the entity matches a tag associated with the block inthe storage device. If the tags do not match, at block 720, the mismatchis handled. The mismatch may be handled, for example, by indicating anerror condition in a response to the request (e.g., error status, errorcode). If at block 718, it is determined that the tags match, at block722, the contents of the block in the storage device is read andreturned.

For example, referring to FIGS. 1-4 and 7, suppose that APP 136 issues acommand to read data from a logical block in storage device 200.Further, suppose that the logical block corresponds to physical block340. OS 132 may receive the request and forward the request to driver134. Driver 134 may receive the request from OS 132 and determinewhether APP 136 is associated with a tag 400.

Suppose that driver 134 determines that APP 136 is associated with a tag400. Driver 134 may transfer the tag 400 to storage device 200. Inaddition, driver 134 may direct storage device 200 to read the contentsof the logical block. Device processing logic 222 may receive the tag400 and access index 228 to determine whether the tag 400 matches taginformation about the logical block.

Suppose that device processing logic 222 determines that the tags match.Device processing logic 222 may determine that physical block 340 isassociated with the logical block. Device processing logic 222 may readthe contents of physical block 340 and return the contents over bus 110to driver 134. Driver 134 may transfer the contents to APP 136 via OS132.

A tag may be used to identify one or more blocks that may be erased in astorage device. FIG. 8 illustrates a flow chart of example acts that maybe used to erase one or more blocks in a storage device where the one ormore blocks may be identified based on a tag associated with an entity.

Referring to FIG. 8, at block 810, an entity may issue a request toerase one or more blocks in the storage device. For example, the entitymay be an application, such as APP 136, and the blocks may be containedin storage device 200. APP 136 may issue a command to erase the blocksin the storage device 200.

At block 812, the request is acquired. For example, APP 136 may issuethe command to OS 132. The operating system may receive the command fromAPP 136 and forward the command to driver 134. The driver 134 mayreceive the command from OS 132.

At block 814, a check is performed to determine whether the requestindicates to erase blocks in the storage device that are associated witha tag that matches a tag associated with the entity. Continuing theabove example, after receiving the command from the OS 132, the driver134 may, for example, process the request. Processing may includedetermining whether the command indicates that blocks to be erased areblocks that are associated with a tag that matches a tag associated withthe entity.

If at block 814 it is determined that the request indicates to eraseblocks in the storage device that are associated with a tag that matchesa tag associated with the entity, at block 816, blocks in storage thatare associated with a tag that matches the tag associated with theentity are erased. Otherwise, at block 818 all blocks in the storage maybe erased. Here, “all blocks in the storage may be erased” may include,for example, erasing blocks in the storage device regardless of whetherthey are associated with tags that match the tag associated with theentity.

For example, referring to FIGS. 1-4 and 8, suppose that APP 136 isassociated with a tag 400. Further, assume APP 136 issues a command toerase all logical blocks in storage device 200 that are associated withthe tag 400. OS 132 may receive the command from APP 136 and forward thecommand to driver 134. Driver 134 may receive the command from OS 132and determine that the command indicates that all logical blocks instorage device 200 that are associated with the tag 400 are to beerased.

Driver 134 may transfer the tag 400 to storage device 200. In addition,driver 134 may direct storage device 200 to erase all blocks associatedwith the tag 400. Device processing logic 222 may receive the tag 400and process the request. Processing may include, for example, (1)searching index 228 to identify blocks in non-volatile storage 240 thatare associated with the tag 400 and (2) erasing the identified blocks.

The foregoing description of embodiments is intended to provideillustration and description, but is not intended to be exhaustive or tolimit the invention to the precise form disclosed. Modifications andvariations are possible in light of the above teachings or may beacquired from practice of the invention. For example, while a series ofacts has been described above with respect to FIGS. 6, 7, and 8, theorder of the acts may be modified in other implementations. Further,non-dependent acts may be performed in parallel.

Also, the term “user”, as used herein, is intended to be broadlyinterpreted to include, for example, a computing device (e.g., fixedcomputing device, mobile computing device) or a user of a computingdevice, unless otherwise stated.

It will be apparent that one or more embodiments, described herein, maybe implemented in many different forms of software and/or hardware.Software code and/or specialized hardware used to implement embodimentsdescribed herein is not limiting of the invention. Thus, the operationand behavior of embodiments were described without reference to thespecific software code and/or specialized hardware—it being understoodthat one would be able to design software and/or hardware to implementthe embodiments based on the description herein.

Further, certain features of the invention may be implemented usingcomputer-executable instructions that may be executed by processinglogic, such as processing logic 120 and/or device processing logic 222.The computer-executable instructions may be stored on one or morenon-transitory tangible computer-readable storage media. The media maybe volatile or non-volatile and may include, for example, DRAM, SRAM,flash memories, removable disks, non-removable disks, and so on.

No element, act, or instruction used herein should be construed ascritical or essential to the invention unless explicitly described assuch. Also, as used herein, the article “a” is intended to include oneor more items. Where only one item is intended, the term “one” orsimilar language is used. Further, the phrase “based on” is intended tomean “based, at least in part, on” unless explicitly stated otherwise.

It is intended that the invention not be limited to the particularembodiments disclosed above, but that the invention will include any andall particular embodiments and equivalents falling within the scope ofthe following appended claims.

What is claimed is:
 1. A method comprising: acquiring a command issuedby an entity to access a block in a storage device, the command beingacquired by a controller contained in the storage device, the entitybeing associated with a tag; and storing, in the storage device,information that associates the tag with the block.
 2. The method ofclaim 1, further comprising: acquiring the tag from the entity.
 3. Themethod of claim 1, wherein the tag is a default tag.
 4. The method ofclaim 1, wherein the entity is an application that executes in acomputing device.
 5. The method of claim 4, wherein the storage deviceis contained in the computing device.
 6. The method of claim 1, whereinthe information associating the tag with the block includes an addressthat identifies the block.
 7. The method of claim 6, wherein the addressis a physical block address or a logical block address associated withthe block.
 8. The method of claim 1, wherein the information thatassociates the tag with the block is stored in the block.
 9. The methodof claim 1, wherein the information that associates the tag with theblock is stored in an index that is maintained by the controller. 10.The method of claim 1, wherein the entity is an application that isexecuted by processing logic contained in the computing device.
 11. Themethod of claim 1, wherein the command is a command to write data to theblock and wherein the method further comprises: writing the data to theblock.
 12. The method of claim 1, wherein the command is a command towrite data to the block and wherein the tag identifies an encryptiontechnique for encrypting the data and wherein the method furthercomprises: encrypting the data in accordance to the encryptiontechnique; and writing the encrypted data to the block.
 13. A storagedevice comprising: a data storage containing one or more blocks forstoring data; and processing logic for: acquiring a command issued by anentity to write data to a block contained in the storage, the entitybeing associated with a tag, and storing information that associates thetag with the block in the storage device.
 14. The storage device ofclaim 13, wherein the storage device is contained in a computing deviceand the entity is an application that executes in the computing device.15. The storage device of claim 13, wherein the information thatassociates the tag with the block is stored in the block.
 16. Thestorage device of claim 13, further comprising: a local storage, whereinthe information that associates the tag with the block is stored in thelocal storage.
 17. The storage device of claim 16, wherein theinformation that associates the tag with the block is stored in an indexcontained in the local storage.
 18. The storage device of claim 13,wherein the tag includes an identifier that identifies the entity. 19.The storage device of claim 13, wherein the tag includes an identifierfield and an other field and wherein the identifier field contains andidentifier that identifies the entity and the other field containsmetadata that identifies information contained in the other field.
 20. Amethod comprising: receiving a command to erase data associated with anentity, the data being contained in a block contained in a data storagein a storage device; searching an index, contained in a local storage inthe storage device, to identify the block, the block being identifiedbased on a tag associated with the entity matching a tag associated withthe block; and erasing the data contained in the block.